package com.wxb.hello.auth.handler;

import com.alibaba.fastjson.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author Feng Yu
 * @version V1.0
 * @date 2017-12-27
 */
public class CustAccessDeniedHandler implements AccessDeniedHandler {
    private static final Logger logger = LoggerFactory.getLogger(CustAccessDeniedHandler.class);

    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse response, AccessDeniedException ex) throws IOException, ServletException {
        JSONObject obj = new JSONObject(2);
        obj.put("rtnCode", "-7958");
        obj.put("rtnMsg", "登录SESSION失效");
        //
        logger.warn("SESSION.AccessDeniedHandler > {}", ex.getMessage());
        //
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        response.getWriter().print(obj.toJSONString());
        response.getWriter().flush();
    }
}
